Some YouTube ads forced users' computers to mine cryptocurrency

YouTube's had a lot to deal with recently following the whole Logan Paul ordeal, but now that that's over, the video-sharing site was recently hit with another issue – mining attacks.

This week, users in France, Italy, Japan, Spain, and Taiwan reported that their antivirus programs were alerting them of unauthorized cryptocurrency mining code while watching videos on YouTube. Even when users changed browsers and visited other websites, these warnings only popped up while on YouTube.

Following these complaints, online security company Trend Micro reported that attackers had been using Google's DoubleClick advertisement system to take control of users' computers' CPUs to mine cryptocurrency – specifically, a digital coin called Monero.

The mining code was able to do its thing by injecting a JavaScript code into ads being served to viewers. In fact, 9 out of 10 reported instances reveal that the JavaScript being used was provided by Coinhive. Coinhive is an online service that allows you to mine cryptocurrency, but it's often looked down upon as it allows you to use computers you don't own to run its code and mine virtual currency for yourself.

YouTube was likely targeted because users are typically on the site for an extended period of time. This is a prime target for cryptojacking malware, because the longer the users are mining for cryptocurrency the more money is made.

Thankfully, this current attack has been thwarted. According to a Google spokesperson, "the ads were blocked in less than two hours and the malicious actors were quickly removed from our platforms." There's some confusion surrounding the time-frame Google's talking about, however, as Trend Micro indicates that attacks have been taking place since January 18.